Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an βEdit color paletteβ search that triggers an βindex out of rangeβ condition. NOTE: this issue is disputed by multiple third parties because the described attack scenario does not cross a privilege boundary